Creating multiple diagnostic virtual machines to monitor allocated resources of a cluster of hypervisors

ABSTRACT

A diagnostic virtual machine having access to resources of an infrastructure as a service cloud may be created. A user device may be provided access to the diagnostic virtual machine. In some embodiments, the diagnostic virtual machine may be configured to monitor a cluster of hypervisors, and the resources of the infrastructure as a service cloud which the diagnostic virtual machine has access to may include physical resources of the infrastructure as a service cloud that are associated with the cluster of hypervisors.

CROSS-REFERENCE TO RELATED APPLICATION

This application is a continuation of and claims priority to U.S. patentapplication Ser. No. 13/686,445, filed Nov. 27, 2012, and entitled“DIAGNOSTIC VIRTUAL MACHINE,” the disclosure of which is incorporated byreference herein in its entirety and made part hereof.

FIELD

This application generally relates to virtualization of computers andcomputer networks. In particular, this application relates to adiagnostic virtual machine.

BACKGROUND

Traditionally, personal computers included operating systems,applications, and user settings for a single user. Personal computerswere generally both used and managed by their owners. However, manyorganizations are now using virtualization, remote access, and/or cloudsof computing resources to fulfill their computing needs. Clouds ofvirtualized computing resources generally allow for the operatingsystems, applications, and user settings of multiple users to beincluded on a single physical machine. Desktop virtualization technologyallows multiple instances of an operating system to be kept separate, sothe activities of one user do not affect the experience of other users.Cloud computing environments allow for computers owned by the cloudoperator to be managed by the cloud operator but used by cloud users,who may be customers of the cloud operator. Cloud computing environmentsmay also support multiple organizations via single software instances(e.g., multi-tenancy).

Virtualization and multi-tenancy present new challenges for diagnosingproblems or performance issues, and providing support to end users. Forexample, in a traditional computing environment, when performance issuesarise, an administrator can run diagnostic routines on the particularpersonal computer presenting the issue. In a virtualized environment,however, an administrator may not have direct access to a virtualmachine presenting performance issues. For example, the owner of avirtual machine may be in a separate administrative domain, inaccessibleto the cloud operator. Similarly, in a traditional computingenvironment, an administrator may be able to provide support to a userexperiencing difficulty (e.g., via a remote desktop application). In amulti-tenant virtualized environment, however, an administrator may beunable to access the particular virtual machine utilized by the troubleduser.

SUMMARY

In light of the foregoing background, the following presents asimplified summary of the present disclosure in order to provide a basicunderstanding of some aspects described herein. This summary is not anextensive overview, and it is not intended to identify key or criticalelements or to delineate the scope of the claims. The following summarymerely presents various described aspects in a simplified form as aprelude to the more detailed description provided below.

According to aspects described herein, a diagnostic virtual machinehaving access to resources of an infrastructure as a service cloud maybe created. A user device may be provided access to the diagnosticvirtual machine.

In some embodiments, the diagnostic virtual machine may be configured tomonitor a cluster of hypervisors, and the resources of theinfrastructure as a service cloud which the diagnostic virtual machinehas access to may include physical resources of the infrastructure as aservice cloud that are associated with the cluster of hypervisors.

In some embodiments, the user device that is provided access to thediagnostic virtual machine may receive input from an administrator ofthe cluster of hypervisors. A portion of the physical resources of theinfrastructure as a service cloud associated with the cluster ofhypervisors may support a virtual machine hosted by the cluster ofhypervisors. The virtual machine may receive input from a userrequesting assistance from the administrator of the cluster ofhypervisors. The diagnostic virtual machine may be created in responseto the user requesting assistance from the administrator of the clusterof hypervisors. The diagnostic virtual machine may be configured toprovide access to the portion of physical resources supporting thevirtual machine receiving input from the user requesting assistance fromthe administrator of the cluster of hypervisors.

In some embodiments, the virtual machine hosted by the cluster ofhypervisors may be hosted by one or more specific hypervisors of thecluster of hypervisors, and the diagnostic virtual machine may beconfigured to be hosted by the one or more specific hypervisors hostingthe virtual machine.

In some embodiments, the virtual machine hosted by the cluster ofhypervisors may be configured to operate within a network isolated fromone or more other virtual machines supported by the infrastructure as aservice cloud, and the diagnostic virtual machine may be configured tooperate within the network isolated from the one or more other virtualmachines supported by the infrastructure as a service cloud. The networkisolated from the one or more other virtual machines supported by theinfrastructure as a service cloud may comprise a virtual local areanetwork (VLAN).

In some embodiments, the diagnostic virtual machine may report one ormore performance metrics related to at least some of the physicalresources of the infrastructure as a service cloud associated with thecluster of hypervisors to a resource management service of theinfrastructure as a service cloud. The resource management service maydetermine, based on the one or more performance metrics, that additionalphysical resources of the infrastructure as a service cloud should beallocated to the cluster of hypervisors. The resource management servicemay trigger allocation of the additional physical resources of theinfrastructure as a service cloud to the cluster of hypervisors. Theresource management service may also trigger creation of a newdiagnostic virtual machine having access to the additional physicalresources of the infrastructure as a service cloud.

In some embodiments, the diagnostic virtual machine may be configured toprovide the user device with at least one performance metric of theresources of the infrastructure as a service cloud. The at least oneperformance metric may include processor utilization, memoryutilization, network utilization, or storage utilization.

BRIEF DESCRIPTION OF THE DRAWINGS

Having thus described aspects of the disclosure in general terms,reference will now be made to the accompanying drawings, which are notnecessarily drawn to scale, and wherein:

FIG. 1 illustrates an example operating environment in which variousaspects of the disclosure may be implemented.

FIG. 2 is a block diagram that depicts embodiments of a virtualizationserver in accordance with one or more illustrative aspects describedherein.

FIG. 3 shows an illustrative infrastructure as a service cloud in whicha diagnostic virtual machine may be created in accordance with one ormore illustrative aspects described herein.

FIG. 4 shows an illustrative infrastructure as a service cloud thatincludes multiple isolated networks in which a diagnostic virtualmachine may be created in accordance with one or more illustrativeaspects described herein.

FIG. 5 illustrates a method for creating a diagnostic virtual machine inresponse to a user request for assistance in accordance with one or moreillustrative aspects described herein.

FIG. 6 illustrates a method for creating a diagnostic virtual machineand utilizing the diagnostic virtual machine to allocate physicalresources in accordance with one or more illustrative aspects describedherein.

DETAILED DESCRIPTION

In the following description of the various embodiments, reference ismade to the accompanying drawings, which form a part hereof, and inwhich is shown by way of illustration various embodiments in whichaspects described herein may be practiced. It is to be understood thatother embodiments may be utilized and structural and functionalmodifications may be made without departing from the scope and spirit ofthe present disclosure.

As will be appreciated by one of skill in the art upon reading thefollowing disclosure, various aspects described herein may be embodiedas a method, a data processing system, or a computer program product.Accordingly, those aspects may take the form of an entirely hardwareembodiment, an entirely software embodiment or an embodiment combiningsoftware and hardware aspects.

Furthermore, such aspects may take the form of a computer programproduct stored by one or more computer-readable storage media havingcomputer-readable program code, or instructions, embodied in or on thestorage media. Any suitable computer readable storage media may beutilized, including hard disks, CD-ROMs, optical storage devices,magnetic storage devices, and/or any combination thereof. In addition,various signals representing data or events as described herein may betransferred between a source and a destination in the form ofelectromagnetic waves traveling through signal-conducting media such asmetal wires, optical fibers, and/or wireless transmission media (e.g.,air and/or space).

FIG. 1 illustrates an example block diagram of a generic computingdevice 101 (e.g., a computer server 106 a) in an example computingenvironment 100 that may be used according to one or more illustrativeembodiments of the disclosure. According to one or more aspects, genericcomputing device 101 may be a server 106 a in a single-server ormulti-server desktop virtualization system (e.g., a cloud system)configured to provide virtual machines for client access devices. Thegeneric computing device 101 may have a processor 103 for controllingoverall operation of the server and its associated components, includingrandom access memory (RAM) 105, read-only memory (ROM) 107, input/output(I/O) module 109, and memory 115.

I/O module 109 may include a mouse, keypad, touch screen, scanner,optical reader, and/or stylus (or other input device(s)) through which auser of generic computing device 101 may provide input, and may alsoinclude one or more of a speaker for providing audio output and a videodisplay device for providing textual, audiovisual, and/or graphicaloutput. Software may be stored within memory 115 and/or other storage toprovide instructions to processor 103 for enabling generic computingdevice 101 to perform various functions. For example, memory 115 maystore software used by the generic computing device 101, such as anoperating system 117, application programs 119, and an associateddatabase 121. Alternatively, some or all of the computer executableinstructions for generic computing device 101 may be embodied inhardware or firmware (not shown).

The generic computing device 101 may operate in a networked environmentsupporting connections to one or more remote computers, such asterminals 140 (also referred to as client devices). The terminals 140may be personal computers or servers that include many or all of theelements described above with respect to the generic computing device101. The network connections depicted in FIG. 1 include a local areanetwork (LAN) 125 and a wide area network (WAN) 129, but may alsoinclude other networks. When used in a LAN networking environment, thegeneric computing device 101 may be connected to the LAN 125 through anetwork interface or adapter 123. When used in a WAN networkingenvironment, the generic computing device 101 may include a modem 127 orother network interface for establishing communications over the WAN129, such as computer network 130 (e.g., the Internet). It will beappreciated that the network connections shown are illustrative andother means of establishing a communications link between the computersmay be used.

Generic computing device 101 and/or terminals 140 may also be mobileterminals (e.g., mobile phones, smartphones, PDAs, notebooks, etc.)including various other components, such as a battery, speaker, andantennas (not shown).

The disclosure is operational with numerous other general purpose orspecial purpose computing system environments or configurations.Examples of well-known computing systems, environments, and/orconfigurations that may be suitable for use with the disclosure include,but are not limited to, personal computers, server computers, hand-heldor laptop devices, multiprocessor systems, microprocessor-based systems,set top boxes, programmable consumer electronics, network PCs,minicomputers, mainframe computers, distributed computing environmentsthat include any of the above systems or devices, and the like.

As shown in FIG. 1, one or more client devices 140 may be incommunication with one or more servers 106 a-106 n (generally referredto herein as “server(s) 106”). In one embodiment, the computingenvironment 100 can include an appliance installed between the server(s)106 and client machine(s) 140. This appliance can manage client/serverconnections, and in some cases can load balance client connectionsamongst a plurality of backend servers 106.

The client machine(s) 140 can in some embodiments be referred to as asingle client machine 140 or a single group of client machines 140,while server(s) 106 may be referred to as a single server 106 or asingle group of servers 106. In one embodiment, a single client machine140 communicates with more than one server 106, while in anotherembodiment a single server 106 communicates with more than one clientmachine 140. In yet another embodiment, a single client machine 140communicates with a single server 106.

A client machine 140 can, in some embodiments, be referenced by any oneof the following terms: client machine(s) 140; client(s); clientcomputer(s); client device(s); client computing device(s); localmachine; remote machine; client node(s); endpoint(s); or endpointnode(s). The server 106, in some embodiments, may be referenced by anyone of the following terms: server(s), local machine; remote machine;server farm(s), or host computing device(s).

In one embodiment, the client machine 140 may be a virtual machine. Thevirtual machine may be any virtual machine, while in some embodimentsthe virtual machine may be any virtual machine managed by a hypervisordeveloped by Citrix Systems, IBM, VMware, or any other hypervisor. Insome aspects, the virtual machine may be managed by a hypervisor, whilein aspects the virtual machine may be managed by a hypervisor executingon a server 106 or a hypervisor executing on a client 140.

The client machine 140 may execute, operate or otherwise provide anapplication that can be any one of the following: software; a program;executable instructions; a virtual machine; a hypervisor; a web browser;a web-based client; a client-server application; a thin-client computingclient; an ActiveX control; a Java applet; software related to voiceover internet protocol (VoIP) communications like a soft IP telephone;an application for streaming video and/or audio; an application forfacilitating real-time-data communications; a HTTP client; a FTP client;an Oscar client; a Telnet client; or any other set of executableinstructions.

Still other embodiments include a client device 140 that displaysapplication output generated by an application remotely executing on aserver 106 or other remotely located machine. In these embodiments, theclient device 140 may execute a virtual machine receiver program orapplication to display the output in an application window, a browser,or other output window. In one example, the application is a desktop,while in other examples the application is an application that generatesa desktop. A desktop may include a graphical shell providing a userinterface for an instance of an operating system in which local and/orremote applications can be integrated. Applications, as used herein, areprograms that execute after an instance of an operating system (and,optionally, also the desktop) has been loaded.

The server 106, in some embodiments, executes a remote presentationclient or other client or program that uses a thin-client orremote-display protocol to capture display output generated by anapplication executing on a server 106 and transmits the applicationdisplay output to a remote client 140. The thin-client or remote-displayprotocol can be any one of the following protocols: the IndependentComputing Architecture (ICA) protocol manufactured by Citrix Systems,Inc. of Ft. Lauderdale, Fla.; or the Remote Desktop Protocol (RDP)manufactured by the Microsoft Corporation of Redmond, Wash.

The computing environment can include more than one server 106A-106Nsuch that the servers 106A-106N are logically grouped together into aserver farm 106, for example, in a cloud computing environment. Theserver farm 106 can include servers 106 that are geographicallydispersed and logically grouped together in a server farm 106, orservers 106 that are located proximate to each other and logicallygrouped together in a server farm 106. Geographically dispersed servers106A-106N within a server farm 106 can, in some embodiments, communicateusing a WAN, MAN, or LAN, where different geographic regions can becharacterized as: different continents; different regions of acontinent; different countries; different states; different cities;different campuses; different rooms; or any combination of the precedinggeographical locations. In some embodiments, the server farm 106 may beadministered as a single entity, while in other embodiments the serverfarm 106 can include multiple server farms 106.

In some embodiments, a server farm 106 can include servers 106 thatexecute a substantially similar type of operating system platform (e.g.,WINDOWS NT, manufactured by Microsoft Corp. of Redmond, Wash., UNIX,LINUX, or MAC OS). In other embodiments, the server farm 106 can includea first group of servers 106 that execute a first type of operatingsystem platform, and a second group of servers 106 that execute a secondtype of operating system platform. The server farm 106, in otherembodiments, can include servers 106 that execute different types ofoperating system platforms.

The server 106, in some embodiments, can be any server type. In otherembodiments, the server 106 can be any of the following server types: afile server; an application server; a web server; a proxy server; anappliance; a network appliance; a gateway; an application gateway; agateway server; a virtualization server; a deployment server; a SSL VPNserver; a firewall; a web server; an application server or as a masterapplication server; a server 106 executing an active directory; or aserver 106 executing an application acceleration program that providesfirewall functionality, application functionality, or load balancingfunctionality. Some embodiments include a first server 106A thatreceives requests from a client machine 140, forwards the request to asecond server 106 n, and responds to the request generated by the clientmachine 140 with a response from the second server 106 n. The firstserver 106A can acquire an enumeration of applications available to theclient machine 140 as well as address information associated with anapplication server 106 hosting an application identified within theenumeration of applications. The first server 106A can then present aresponse to the client's request using a web interface, and communicatedirectly with the client 140 to provide the client 140 with access to anidentified application.

Client machines 140 can, in some embodiments, be a client node thatseeks access to resources provided by a server 106. In otherembodiments, the server 106 may provide clients 140 or client nodes withaccess to hosted resources. The server 106, in some embodiments,functions as a master node such that it communicates with one or moreclients 140 or servers 106. In some embodiments, the master node canidentify and provide address information associated with a server 106hosting a requested application, to one or more clients 140 or servers106. In still other embodiments, the master node can be a server farm106, a client 140, a cluster of client nodes 140, or an appliance.

One or more clients 140 and/or one or more servers 106 can transmit dataover a network 130 installed between machines and appliances within thecomputing environment 100. The network 130 can comprise one or moresub-networks, and can be installed between any combination of theclients 140, servers 106, computing machines and appliances includedwithin the computing environment 100. In some embodiments, the network130 can be: a local-area network (LAN); a metropolitan area network(MAN); a wide area network (WAN); a primary network 104 comprised ofmultiple sub-networks located between the client machines 140 and theservers 106; a primary public network 130 (e.g., the Internet) with aprivate sub-network; a primary private network 130 with a publicsub-network; or a primary private network 130 with a privatesub-network. Still further embodiments may include a network 130 thatcan be any of the following network types: a point to point network; abroadcast network; a telecommunications network; a data communicationnetwork; a computer network; an ATM (Asynchronous Transfer Mode)network; a SONET (Synchronous Optical Network) network; a SDH(Synchronous Digital Hierarchy) network; a wireless network; a wirelinenetwork; or a network that includes a wireless link where the wirelesslink can be an infrared channel or satellite band. The network topologyof the network 130 can differ within different embodiments, possiblenetwork topologies include but are not limited to: a bus networktopology; a star network topology; a ring network topology; arepeater-based network topology; or a tiered-star network topology.Additional embodiments may include a network of mobile telephonenetworks that use a protocol to communicate among mobile devices, wherethe protocol may include, but is not limited to: AMPS; TDMA; CDMA; GSM;GPRS UMTS; or any other protocol able to transmit data among mobiledevices.

FIG. 1 shows a high-level architecture of an illustrative desktopvirtualization system. As shown, the desktop virtualization system maybe a single-server, multi-server system, or cloud system, including atleast one virtualization server 106 configured to provide virtualdesktops and/or virtual applications to one or more client accessdevices 140. As used herein, a desktop refers to a graphical environmentor space in which one or more applications may be hosted and/orexecuted. A desktop may include a graphical shell providing a userinterface for an instance of an operating system in which local and/orremote applications can be integrated. Applications may include programsthat execute after an instance of an operating system (and, optionally,also the desktop) has been loaded. Each instance of the operating systemmay be physical (e.g., one operating system per device) or virtual(e.g., many instances of an OS running on a single device). Eachapplication may be executed on a local device, or executed on a remotelylocated device (e.g., remoted).

Illustrated in FIG. 2 is one embodiment of a computer device 201configured as a virtualization server in a virtualization environment,for example, a single-server, multi-server, or cloud computingenvironment. The virtualization server 201 illustrated in FIG. 2 can bedeployed as and/or implemented by one or more embodiments of the server106 illustrated in FIG. 1 or by other known computing devices. Includedin virtualization server 201 is a hardware layer that can include one ormore physical disks 204, one or more physical devices 206, one or morephysical processors 208 and a physical memory 216. In some embodiments,firmware 212 can be stored within a memory element in the physicalmemory 216 and can be executed by one or more of the physical processors208. The virtualization server 201 may further include an operatingsystem 214 that may be stored in a memory element in the physical memory216 and executed by one or more of the physical processors 208. Stillfurther, a hypervisor 402 may be stored in a memory element in thephysical memory 216 and can be executed by one or more of the physicalprocessors 208. Executing on one or more of the physical processors 208may be one or more virtual machines 232A-C (generally 232). Each virtualmachine 232 may have a virtual disk 226A-C and a virtual processor228A-C. In some embodiments, a first virtual machine 232A may execute,on a virtual processor 228A, a control program 220 that includes a toolsstack 224. In other embodiments, one or more virtual machines 232B-C maybe executed, on a virtual processor 228B-C, a guest operating system230A-B.

Further referring to FIG. 2, and in more detail, the virtualizationserver 201 may include a hardware layer 210 with one or more pieces ofhardware that communicate with the virtualization server 201. In someembodiments, the hardware layer 210 can include one or more physicaldisks 204, one or more physical devices 206, one or more physicalprocessors 208, and one or more memory 216. Physical components 204,206, 208, and 216 may include, for example, any of the componentsdescribed above with respect to FIG. 1. For instance, physical disks 204may include permanent memory storage, temporary memory storage, diskdrives (e.g., optical, floppy, tape), hard disks, external hard drives,flash memory, network-attached storage, a storage-area network, or anyother storage repository that the virtualization server 201 can access.Physical devices 206 may include any device included in thevirtualization server 201 and/or any combination of devices included inthe virtualization server 201 and external devices that communicate withthe virtualization server 201. A physical device 206 may be, forexample, a network interface card, a video card, a keyboard, a mouse, aninput device, a monitor, a display device, speakers, an optical drive, astorage device, a universal serial bus connection, a printer, a scanner,a network element (e.g., router, firewall, network address translator,load balancer, virtual private network (VPN) gateway, Dynamic HostConfiguration Protocol (DHCP) router, etc.), or any device connected toor communicating with the virtualization server 201. The physical memory216 in the hardware layer 210 may include any type of memory. Thephysical memory 216 may store data, and in some embodiments may storeone or more programs, or set of executable instructions. FIG. 2illustrates an embodiment where firmware 212 is stored within thephysical memory 216 of the virtualization server 201. Programs orexecutable instructions stored in the physical memory 216 can beexecuted by the one or more processors 208 of the virtualization server201.

Virtualization server 201 may also include a hypervisor 202. In someembodiments, hypervisor 202 may be a program executed by processors 208on the virtualization server 201 to create and manage any number ofvirtual machines 232. The hypervisor 202 can be referred to as a virtualmachine monitor, or platform virtualization software. In someembodiments, a hypervisor 202 can be any combination of executableinstructions and hardware that monitors virtual machines executing on acomputing machine. Hypervisor 202 may be a Type 2 hypervisor, or ahypervisor that executes within an operating system 214 executing on thevirtualization server 201. A Type 2 hypervisor, in some embodiments,executes within an operating system 214 environment and virtual machinesexecute at a level above the hypervisor. In many embodiments, the Type 2hypervisor executes within the context of a user's operating system suchthat the Type 2 hypervisor interacts with the user's operating system.In other embodiments, one or more virtualization servers 201 in avirtualization environment may include a Type 1 hypervisor (Not Shown).A Type 1 hypervisor may execute on the virtualization server 201 bydirectly accessing the hardware and resources within the hardware layer210. That is, while a Type 2 hypervisor 202 accesses system resourcesthrough a host operating system 214, a Type 1 hypervisor may directlyaccess all system resources without needing a host operating system 214.A Type 1 hypervisor may execute directly on one or more physicalprocessors 208 of the virtualization server 201, and may include programdata stored in the physical memory 216.

The hypervisor 202, in some embodiments, can provide virtual resourcesto operating systems 230 or control programs 220 executing on virtualmachines 232 in any manner that simulates the operating systems 230 orcontrol programs 220 having direct access to system resources. Systemresources can include: physical devices 206; physical disks; physicalprocessors; physical memory 216 and any other component included in thevirtualization server 201 hardware layer 210. In these embodiments, thehypervisor 202 may be used to emulate virtual hardware, partitionphysical hardware, virtualize physical hardware, or execute virtualmachines that provide access to computing environments. In still otherembodiments, the hypervisor 202 controls processor scheduling and memorypartitioning for a virtual machine 232 executing on the virtualizationserver 201. Hypervisor 202 may include those manufactured by VMWare,Inc., of Palo Alto, Calif.; the XEN hypervisor, an open source productwhose development is overseen by the open source Xen.org community;HyperV, VirtualServer or virtual PC hypervisors provided by Microsoft,or others. In some embodiments, a virtualization server 201 executes ahypervisor 202 that creates a virtual machine platform on which guestoperating systems may execute. In these embodiments, the virtualizationserver 201 can be referred to as a host server. An example of such avirtualization server is the XEN SERVER provided by Citrix Systems,Inc., of Fort Lauderdale, Fla.

The hypervisor 202 may create one or more virtual machines 232B-C(generally 232) in which guest operating systems 230 execute. In someembodiments, the hypervisor 202 may load a virtual machine image tocreate a virtual machine 232. In other embodiments, the hypervisor 202may execute a guest operating system 230 within the virtual machine 232.In still other embodiments, the virtual machine 232 may execute theguest operating system 230.

In addition to creating virtual machines 232, the hypervisor 202 maycontrol the execution of at least one virtual machine 232. In otherembodiments, the hypervisor 202 may present at least one virtual machine232 with an abstraction of at least one hardware resource provided bythe virtualization server 201 (e.g., any hardware resource availablewithin the hardware layer 210). In other embodiments, the hypervisor 202may control the manner in which virtual machines 232 access the physicalprocessors 208 available in the virtualization server 201. Controllingaccess to the physical processors 208 may include determining whether avirtual machine 232 should have access to a processor 208, and howphysical processor capabilities are presented to the virtual machine232.

As shown in the example of FIG. 2, the virtualization server 201 mayhost or execute one or more virtual machines 232. A virtual machine 232is a set of executable instructions that, when executed by a processor208, imitate the operation of a physical computer such that the virtualmachine 232 can execute programs and processes much like a physicalcomputing device. While FIG. 2 illustrates an embodiment where avirtualization server 201 hosts three virtual machines 232, in otherembodiments, the virtualization server 201 can host any number ofvirtual machines 232. The hypervisor 202, in some embodiments, provideseach virtual machine 232 with a unique virtual view of the physicalhardware, memory, processor and other system resources available to thatvirtual machine 232. In some embodiments, the unique virtual view can bebased on any of the following: virtual machine permissions; applicationof a policy engine to one or more virtual machine identifiers; the useraccessing a virtual machine; the applications executing on a virtualmachine; networks accessed by a virtual machine; or any other similarcriteria. For instance, the hypervisor 202 may create one or moreunsecure virtual machines 232 and one or more secure virtual machines232. Unsecure virtual machines 232 may be prevented from accessingresources, hardware, memory locations, and programs that secure virtualmachines 232 may be permitted to access. In other embodiments, thehypervisor 202 may provide each virtual machine 232 with a substantiallysimilar virtual view of the physical hardware, memory, processor andother system resources available to the virtual machines 232.

Each virtual machine 232 may include a virtual disk 226A-C (generally226) and a virtual processor 228A-C (generally 228.) The virtual disk226, in some embodiments, is a virtualized view of one or more physicaldisks 204 of the virtualization server 201, or a portion of one or morephysical disks 204 of the virtualization server 201. The virtualizedview of the physical disks 204 can be generated, provided and managed bythe hypervisor 202. In some embodiments, the hypervisor 202 provideseach virtual machine 232 with a unique view of the physical disks 204.Thus, in these embodiments, the virtual disk 226 included in eachvirtual machine 232 can be unique when compared with the other virtualdisks 226.

A virtual processor 228 can be a virtualized view of one or morephysical processors 208 of the virtualization server 201. In someembodiments, the virtualized view of the physical processors 208 can begenerated, provided and managed by the hypervisor 202. In someembodiments, the virtual processor 228 has substantially all of the samecharacteristics of at least one physical processor 208. In otherembodiments, the virtual processor 208 provides a modified view of thephysical processors 208 such that at least some of the characteristicsof the virtual processor 228 are different than the characteristics ofthe corresponding physical processor 208.

FIG. 3 shows an illustrative infrastructure as a service cloud in whicha diagnostic virtual machine may be created in accordance with one ormore illustrative aspects described herein. Referring to FIG. 3,infrastructure as a service cloud 300 may include physical resources forsupporting one or more virtual machines. For example, infrastructure asa service cloud 300 may include physical resources 302 and 304. Physicalresources 302 and 304 may include any physical resources ofinfrastructure as a service cloud 300 utilized to support one or morevirtual machines. For example, physical resources 302 and 304 mayinclude one or more processors, memories, storage mediums, or networkinterfaces utilized to support one or more virtual machines.Infrastructure as a service cloud 300 may also include one or morehypervisors for mediating access to physical resources 302 and 304. Suchhypervisors may be organized as clusters. For example, infrastructure asa service cloud 300 may include hypervisor clusters 306 and 308. Asindicated above, the hypervisors of hypervisor clusters 306 and 308 mayinclude Type I (“native”) or Type II (“hosted”) hypervisors.

One or more of the hypervisors of hypervisor clusters 306 and 308 mayhost one or more virtual machines. For example, hypervisor “1” ofhypervisor cluster 306 may host virtual machine 310. Similarly,hypervisor “2” of hypervisor cluster 306 may host virtual machine 312;hypervisor “A” of hypervisor cluster 308 may host virtual machine 314;and hypervisor “B” of hypervisor cluster 308 may host virtual machine316. The virtual machines hosted by one or more of the hypervisors ofhypervisor clusters 306 and 308 may be utilized by one or more users viaone or more user devices. A user device may be, for example, a personalcomputer (e.g., a desktop or laptop computer) or a mobile device (e.g.,a tablet computer or smartphone). For example, virtual machine 310 maybe utilized via user device 318. Similarly, virtual machine 312 may beutilized via user device 320; virtual machine 314 may be utilized viauser device 322; and virtual machine 316 may be utilized via user device324.

As indicated above, virtualization presents new challenges fordiagnosing problems or performance issues, and providing support to endusers. For example, virtualization may involve allocation of physicalresources among multiple virtual machines. For example, physicalresources 302 may be associated with hypervisor cluster 306, whilephysical resources 304 may be associated with hypervisor cluster 308.Hypervisor cluster 306 may utilize physical resources 302 to supportvirtual machines 310 and 312, and hypervisor cluster 308 may utilizephysical resources 304 to support virtual machines 314 and 316. Thus ifvirtual machine 310 experiences performance problems (e.g., due to anoverutilization of memory), performance metrics available to virtualmachines 314 and 316 may be of little use in diagnosing virtual machine310's performance problems because performance metrics (e.g., currentmemory utilization) available to virtual machines 314 and 316 maycorrespond to physical resources 304 rather than physical resources 302.Similarly, performance metrics available to virtual machine 312 may beof little use in diagnosing virtual machine 310's performance problemsbecause performance metrics (e.g., current memory utilization) availableto virtual machine 312 may correspond to a different portion of physicalresources 302 associated with hypervisor “2” of hypervisor cluster 306rather than the portion of physical resources 302 associated withhypervisor “1” of hypervisor cluster 306.

In accordance with aspects of the disclosure, a diagnostic virtualmachine may be created within infrastructure as a service cloud 300. Forexample, diagnostic virtual machine 326 may be created withininfrastructure as a service cloud 300. As used herein, “diagnosticvirtual machine” refers to a virtual machine configured specifically toperform one or more diagnostic functions. For example, diagnosticvirtual machine 326 may be configured to provide one or more performancemetrics (e.g., processor utilization, memory utilization, networkutilization, or storage utilization) related to physical resources 302or a portion thereof. Once a diagnostic virtual machine is created,access to it may be provided via one or more user devices. For example,access to diagnostic virtual machine 326 may be provided to a user viauser device 328. In some embodiments, diagnostic virtual machine 326 maybe configured to monitor a cluster of hypervisors and may be providedaccess to physical resources associated with the cluster of hypervisors.For example, diagnostic virtual machine 326 may be configured to monitorhypervisor cluster 306 and may be provided access to physical resources302. In some embodiments, diagnostic virtual machine 326 may beconfigured to be hosted by one or more specific hypervisors within acluster of hypervisors, and may be provided access to a portion ofphysical resources associated with such hypervisor(s). For example,diagnostic virtual machine 326 may be configured to be hosted byhypervisor “1” of hypervisor cluster 306, and diagnostic virtual machine326 may be provided access to a portion of physical resources 302associated with hypervisor “1” of hypervisor cluster 306.

It will be appreciated, that by configuring diagnostic virtual machine326 to monitor a cluster of hypervisors and providing diagnostic virtualmachine 326 with access to physical resources associated with thecluster of hypervisors, and/or configuring diagnostic virtual machine326 to be hosted by a specific hypervisor within a cluster ofhypervisors and providing diagnostic virtual machine 326 with access toa portion of physical resources associated with the specifichypervisor(s), diagnostic virtual machine 326 may provide one or morediagnostic functions that more closely represent actual conditionsexperienced by a virtual machine hosted by the cluster of hypervisors,accessing the physical resources associated with the cluster ofhypervisors, or hosted by the specific hypervisor within the cluster ofhypervisors. For example, returning to the scenario described above, ifvirtual machine 310 experiences performance problems (e.g., due to anoverutilization of memory), diagnostic virtual machine 326 may becreated and may be configured to be hosted by the specific hypervisorwithin hypervisor cluster 306 that is hosting virtual machine 310 (e.g.,hypervisor “1”), and may be configured to access the portion of physicalresources 302 which virtual machine 310 is configured to access.Accordingly, performance metrics (e.g., current memory utilization)available to diagnostic virtual machine 326 may more accuratelyrepresent the performance of virtual machine 310. As will be describedin greater detail below, such performance metrics may be utilized toallocate additional physical resources to hypervisor cluster 306,hypervisor “1” of hypervisor cluster 306, or virtual machine 310.Additionally or alternatively, diagnostic virtual machine 326 may beutilized by an administrator associated with hypervisor cluster 306 toidentify or diagnose one or more problems being experienced by virtualmachine 310 (e.g., a memory leak associated with an application beingrun by virtual machine 310).

FIG. 4 shows an illustrative infrastructure as a service cloud thatincludes multiple isolated networks in which a diagnostic virtualmachine may be created in accordance with one or more illustrativeaspects described herein. Referring to FIG. 4, as discussed above withrespect to FIG. 3, infrastructure as a service cloud 400 may includephysical resources 402 for supporting one or more virtual machines.Infrastructure as a service cloud 400 may also include hypervisorcluster 404 for mediating access to physical resources 402. One or moreof the hypervisors of hypervisor cluster 404 may host one or morevirtual machines. For example, hypervisor “1” of hypervisor cluster 404may host virtual machine 406. Similarly, hypervisor “2” of hypervisorcluster 404 may host virtual machine 408; and hypervisor “N” ofhypervisor cluster 404 may host virtual machines 410 and 412. Thevirtual machines hosted by one or more of the hypervisors of hypervisorcluster 404 may be utilized by one or more users via one or more userdevices. For example, virtual machine 406 may be utilized via userdevice 414. Similarly, virtual machine 408 may be utilized via userdevice 416; virtual machine 410 may be utilized via user device 418; andvirtual machine 412 may be utilized via user device 420.

One or more virtual machines within infrastructure as a service cloud400 may communicate with each other via a network isolated from othervirtual machines within infrastructure as a service cloud 400. In someembodiments, one or more virtual machines may be isolated from othervirtual machines within infrastructure as a service cloud 400 via, forexample, a virtual local area network (VLAN) and/or one or more otherforms of network isolation such as overlay networks (e.g., GenericRouting Encapsulation (GRE) tunnels, Virtual eXtensible Local AreaNetworks (VxLANs)). For example, virtual machines 406 and 408 may bepart of VLAN 422. Similarly, virtual machines 410 and 412 may be part ofVLAN 424. VLANs 422 and 424 may be isolated from each other and/or fromone or more other VLANs or virtual machines within infrastructure as aservice cloud 400. For example, VLANs 422 and 424 may correspond todifferent customers of infrastructure as a service cloud 400. Asindicated above, virtualization presents new challenges for diagnosingproblems or performance issues. For example, due to the isolation ofVLANs 422 and 424 from each other, performance metrics (e.g., networkutilization) pertaining to VLAN 424 may have little relevance to actualconditions of VLAN 422.

In accordance with aspects of the disclosure, a diagnostic virtualmachine may be created within infrastructure as a service cloud 400 andmay be configured to operate within one or more networks (e.g., VLANs)isolated from one or more virtual machines within infrastructure as aservice cloud 400. For example, diagnostic virtual machine 426 may becreated within infrastructure as a service cloud 400 and may beconfigured to operate within VLAN 422. Once created, diagnostic virtualmachine 426 may be accessed by one or more users, for example, via userdevice 428.

It will be appreciated, that by configuring diagnostic virtual machine426 to operate within VLAN 422, diagnostic virtual machine 426 mayprovide one or more diagnostic functions that more closely representactual conditions experienced by a virtual machine operating within VLAN422 (e.g., virtual machines 406 and 408). For example, if virtualmachine 406 experiences performance problems (e.g., due to anoverutilization of network resources within VLAN 422), diagnosticvirtual machine 426 may be created and may be configured to operatewithin VLAN 422. Accordingly, performance metrics (e.g., current networkutilization) available to diagnostic virtual machine 426 may moreaccurately represent conditions experienced by virtual machine 406. Aswill be described in greater detail below, such performance metrics maybe utilized to allocate additional resources to hypervisor cluster 404,hypervisor “1” of hypervisor cluster 404, virtual machine 406, or VLAN422. Additionally or alternatively, diagnostic virtual machine 426 maybe utilized by an administrator associated with hypervisor cluster 404to identify or diagnose one or more problems being experienced byvirtual machine 406 (e.g., an application or service consuming networkresources within VLAN 422).

FIG. 5 illustrates a method for creating a diagnostic virtual machine inresponse to a user request for assistance in accordance with one or moreillustrative aspects described herein. Referring to FIG. 5, the stepsmay be performed by one or more computing devices of an infrastructureas a service cloud. For example, one or more program modules of controlprogram 220, running on virtual machine 232A, may configurevirtualization server 201 to perform one or more steps described herein.At step 500, a virtual machine may be created for a user. For example,virtual machine 406 may be created within infrastructure as a servicecloud 400 for a user utilizing user device 414. At step 502, a supportrequest may be received from the virtual machine user. For example, asupport request may be received from user device 414 indicating that auser utilizing virtual machine 406 is having trouble accessing a networkresource (e.g., due to limited network availability). At step 504, acluster of hypervisors supporting the virtual machine may be identified.For example, virtual machine 406 may be supported by hypervisor cluster404, and on or more program modules of control program 220 may identifyhypervisor cluster 404 as supporting virtual machine 406. At step 506, aspecific hypervisor hosting the virtual machine may be identified fromamong one or more hypervisors of the hypervisor cluster supporting thevirtual machine. For example, hypervisor “1” of hypervisor cluster 404may be hosting virtual machine 406, and one or more program modules ofcontrol program 220 may identify hypervisor “1” of hypervisor cluster404 as hosting virtual machine 406.

At step 508, a diagnostic virtual machine may be created. For example,diagnostic virtual machine 426 may be created. In some embodiments,diagnostic virtual machine 426 may be configured to be hosted by theidentified cluster of hypervisors supporting virtual machine 406 and/orthe identified one or more hypervisors of hypervisor cluster 404 hostingvirtual machine 406. For example, diagnostic virtual machine 426 may beconfigured to be hosted by hypervisor “1” of hypervisor cluster 404. Insome embodiments, diagnostic virtual machine 426 may be configured tomonitor hypervisor cluster 404, hypervisor “1” of hypervisor cluster404, physical resources 402, and/or a portion of physical resources 402associated with hypervisor “1” of hypervisor cluster 404. At step 510, adetermination may be made as to whether the virtual machine is part of aVLAN. For example, one or more program modules of control program 220,may determine that virtual machine 406 is part of VLAN 422. At step 512,in response to determining that the virtual machine is part of a VLAN,the diagnostic virtual machine may be configured to be part of the VLAN.For example, in response to determining that virtual machine 406 is partof VLAN 422, diagnostic virtual machine 426 may be configured to be partof VLAN 422. Returning to step 510, in response to determining that thevirtual machine is not a part of a VLAN, the method may proceed to step514. For example, one or more program modules of control program 220 maydetermine that virtual machine 426 is not part of a VLAN, and thereforeit may not be necessary to configure diagnostic virtual machine 426 tobe part of a VLAN.

At step 514, a user device may be provided access to the diagnosticvirtual machine. For example, user device 428 may be provided access todiagnostic virtual machine 426. In some embodiments, user device 428 maybe utilized by an administrator of hypervisor cluster 404 who isresponding to the service request from the user of virtual machine 406.It will be appreciated that by configuring diagnostic virtual machine426 to be supported by hypervisor cluster 404, to be hosted byhypervisor “1” of hypervisor cluster 404, to be a part of VLAN 422,and/or to have access to physical resources 402 or a portion of physicalresources 402 associated with virtual machine 406, diagnostic virtualmachine 426 may present the administrator with a view of infrastructureas a service cloud 400 similar to that being experienced by the user ofvirtual machine 406. For example, referring to the scenario describedabove, if the user utilizing virtual machine 406 is having troubleaccessing a network resource (e.g., due to limited networkavailability), the administrator may utilize diagnostic virtual machine426 to obtain one or more performance metrics (e.g., networkutilization) associated with physical resources 402. The performancemetric(s) may then be utilized by the administrator in diagnosing theunderlying problem (e.g., overutilization of one or more resourceswithin physical resources 402 or too much network traffic associatedwith VLAN 422).

FIG. 6 illustrates a method for creating a diagnostic virtual machineand utilizing the diagnostic virtual machine to allocate physicalresources in accordance with one or more illustrative aspects describedherein. Referring to FIG. 6, the steps may be performed by one or morecomputing devices of an infrastructure as a service cloud. For example,one or more program modules of control program 220, running on virtualmachine 232A, may configure virtualization server 201 to perform one ormore steps described herein. At step 600, a virtual machine may becreated for a user. For example, virtual machine 310 may be createdwithin infrastructure as a service cloud 300 for a user utilizing userdevice 318. At step 602, a diagnostic virtual machine may be created.For example, diagnostic virtual machine 326 may be created. In someembodiments, diagnostic virtual machine 326 may be configured to besupported by a cluster of hypervisors supporting the virtual machine,hosted by a specific hypervisor within the cluster of hypervisorssupporting the virtual machine that hosts the virtual machine, and/oraccess physical resources associated with the cluster of hypervisors ora portion of the physical resources associated with the cluster ofhypervisors that are associated with the virtual machine. For example,virtual machine 310 may be hosted by hypervisor “1” of hypervisorcluster 306 and associated with a portion of physical resources 302, anddiagnostic virtual machine 326 may be configured to be hosted byhypervisor “1” of hypervisor cluster 306 and associated with the portionof physical resources 302 associated with virtual machine 310.

At step 604, the diagnostic virtual machine may monitor one or moreperformance metrics. For example, diagnostic virtual machine 326 may beconfigured to monitor one or more performance metrics (e.g., processorutilization, network utilization, memory utilization, storageutilization) for the portion of physical resources 302 associated withvirtual machine 310. At step 606, the diagnostic virtual machine mayreport the one or more monitored performance metrics to a resourcemanagement service of the infrastructure as a service cloud. Forexample, diagnostic virtual machine 326 may report one or moreperformance metrics (e.g., memory utilization) to one or more programmodules of control program 220. At step 608, the resource managementservice may determine, based on the one or more reported performancemetrics, whether additional physical resources should be allocated tothe cluster of hypervisors and/or one or more specific hypervisorswithin the cluster of hypervisors. For example, one or more programmodules of control program 220 may determine, based on the performancemetrics reported by diagnostic virtual machine 326, whether additionalphysical resources (e.g., additional memory) should be allocated tohypervisor cluster 306 and/or hypervisor “1” of hypervisor cluster 306.

At step 610, responsive to determining that additional physicalresources should be allocated to the cluster of hypervisors and/or oneor more specific hypervisors within the cluster of hypervisors, theresource management service may trigger the allocation of the additionalphysical resources. For example, responsive to one or more programmodules of control program 220 determining that additional physicalresources (e.g., additional memory) should be allocated to hypervisorcluster 306 and/or hypervisor “1” of hypervisor cluster 306, one or moreprogram modules of control program 220 may trigger the allocation of theadditional physical resources to hypervisor cluster 306 and/orhypervisor “1” of hypervisor cluster 306 (e.g., a portion of memorywithin physical resources 304 may be allocated to physical resources302, associated with hypervisor cluster 306 and/or hypervisor “1” ofhypervisor cluster 306).

At step 612, a new diagnostic virtual machine may be created. Forexample, one or more program modules of control program 220 may triggerthe creation of a new diagnostic virtual machine configured to monitorone or more performance metrics for the additional physical resourcesallocated to hypervisor cluster 306 and/or hypervisor “1” of hypervisorcluster 306. The method may then return to step 604, where thediagnostic virtual machine(s) (e.g., diagnostic virtual machine 326and/or the new diagnostic virtual machine) may monitor the one or moreperformance metrics. Returning to step 608, responsive to determiningthat additional physical resources do not need to be allocated to thecluster of hypervisors and/or one or more specific hypervisors withinthe cluster of hypervisors, the method may return to step 604, wherediagnostic virtual machine 326 may continue to monitor the one or moreperformance metrics.

Aspects of the disclosure have been described in terms of illustrativeembodiments thereof. Numerous other embodiments, modifications, andvariations within the scope and spirit of the appended claims will occurto persons of ordinary skill in the art from a review of thisdisclosure. For example, one of ordinary skill in the art willappreciate that the steps illustrated in the illustrative figures may beperformed in other than the recited order, and that one or more stepsillustrated may be optional in accordance with aspects of thedisclosure. Modifications may be made by those skilled in the art,particularly in light of the foregoing teachings. For example, each ofthe elements of the aforementioned embodiments may be utilized alone orin combination or sub-combination with elements of the otherembodiments. It will also be appreciated and understood thatmodifications may be made without departing from the spirit and scope ofthe following claims.

What is claimed is:
 1. A method comprising: creating a diagnosticvirtual machine configured to monitor a cluster of hypervisors and haveaccess to physical resources, of an infrastructure as a service cloud,associated with a virtual machine hosted by the cluster of hypervisors;reporting, by the diagnostic virtual machine and to a resourcemanagement service of the infrastructure as a service cloud, one or moreperformance metrics related to the physical resources; determining, bythe resource management service and based on the one or more performancemetrics, that additional physical resources of the infrastructure as aservice cloud should be allocated to the cluster of hypervisors;triggering, by the resource management service, allocation of theadditional physical resources to the cluster of hypervisors; andtriggering, by the resource management service, creation of a newdiagnostic virtual machine, the new diagnostic virtual machine havingaccess to the additional physical resources.
 2. The method of claim 1,comprising receiving, by the virtual machine, input from a userrequesting assistance from an administrator of the cluster ofhypervisors.
 3. The method of claim 2, wherein creating the diagnosticvirtual machine is performed in response to receiving the input.
 4. Themethod of claim 1, wherein the virtual machine is hosted by one or morespecific hypervisors of the cluster of hypervisors, the methodcomprising configuring the diagnostic virtual machine to be hosted bythe one or more specific hypervisors.
 5. The method of claim 1, whereinthe virtual machine is configured to operate within a network isolatedfrom one or more other virtual machines supported by the infrastructureas a service cloud, the method comprising configuring the diagnosticvirtual machine to operate within the network.
 6. The method of claim 5,wherein the network comprises at least one of a Virtual Local AreaNetwork (VLAN), a Generic Routing Encapsulation (GRE) tunnel, or aVirtual eXtensible Local Area Network (VxLAN).
 7. The method of claim 1,wherein the one or more performance metrics comprise at least one ofprocessor utilization, memory utilization, network utilization, orstorage utilization.
 8. A system comprising: at least one processor; anda memory storing instructions that when executed by the at least oneprocessor cause: the system to create a diagnostic virtual machineconfigured to monitor a cluster of hypervisors and have access tophysical resources, of an infrastructure as a service cloud, associatedwith a virtual machine hosted by the cluster of hypervisors; thediagnostic virtual machine to report, to a resource management serviceof the infrastructure as a service cloud, one or more performancemetrics related to the physical resources; and the resource managementservice to: determine, based on the one or more performance metrics,that additional physical resources of the infrastructure as a servicecloud should be allocated to the cluster of hypervisors; triggerallocation of the additional physical resources to the cluster ofhypervisors; and trigger creation of a new diagnostic virtual machine,the new diagnostic virtual machine having access to the additionalphysical resources.
 9. The system of claim 8, wherein the instructions,when executed by the at least one processor, cause the virtual machineto receive input from a user requesting assistance from an administratorof the cluster of hypervisors.
 10. The system of claim 9, wherein theinstructions, when executed by the at least one processor, cause thesystem to create the diagnostic virtual machine in response to thevirtual machine receiving the input.
 11. The system of claim 8, wherein:the virtual machine is hosted by one or more specific hypervisors of thecluster of hypervisors; and the instructions, when executed by the atleast one processor, cause the system to configure the diagnosticvirtual machine to be hosted by the one or more specific hypervisors.12. The system of claim 8, wherein: the virtual machine is configured tooperate within a network isolated from one or more other virtualmachines supported by the infrastructure as a service cloud; and theinstructions, when executed by the at least one processor, cause thesystem to configure the diagnostic virtual machine to operate within thenetwork.
 13. The system of claim 12, wherein the network comprises atleast one of a Virtual Local Area Network (VLAN), a Generic RoutingEncapsulation (GRE) tunnel, or a Virtual eXtensible Local Area Network(VxLAN).
 14. The system of claim 8, wherein the one or more performancemetrics comprise at least one of processor utilization, memoryutilization, network utilization, or storage utilization.
 15. One ormore non-transitory computer-readable media comprising instructions thatwhen executed by one or more computers cause: the one or more computersto create a diagnostic virtual machine configured to monitor a clusterof hypervisors and have access to physical resources, of aninfrastructure as a service cloud, associated with a virtual machinehosted by the cluster of hypervisors; the diagnostic virtual machine toreport, to a resource management service of the infrastructure as aservice cloud, one or more performance metrics related to the physicalresources; and the resource management service to: determine, based onthe one or more performance metrics, that additional physical resourcesof the infrastructure as a service cloud should be allocated to thecluster of hypervisors; trigger allocation of the additional physicalresources to the cluster of hypervisors; and trigger creation of a newdiagnostic virtual machine, the new diagnostic virtual machine havingaccess to the additional physical resources.
 16. The one or morenon-transitory computer-readable media of claim 15, wherein theinstructions, when executed by the one or more computers, cause: thevirtual machine to receive input from a user requesting assistance froman administrator of the cluster of hypervisors; and the one or morecomputers to create the diagnostic virtual machine in response to thevirtual machine receiving the input.
 17. The one or more non-transitorycomputer-readable media of claim 15, wherein: the virtual machine ishosted by one or more specific hypervisors of the cluster ofhypervisors; and the instructions, when executed by the one or morecomputers, cause the one or more computers to configure the diagnosticvirtual machine to be hosted by the one or more specific hypervisors.18. The one or more non-transitory computer-readable media of claim 15,wherein: the virtual machine is configured to operate within a networkisolated from one or more other virtual machines supported by theinfrastructure as a service cloud; and the instructions, when executedby the one or more computers, cause the one or more computers toconfigure the diagnostic virtual machine to operate within the network.19. The one or more non-transitory computer-readable media of claim 18,wherein the network comprises at least one of a Virtual Local AreaNetwork (VLAN), a Generic Routing Encapsulation (GRE) tunnel, or aVirtual eXtensible Local Area Network (VxLAN).
 20. The one or morenon-transitory computer-readable media of claim 15, wherein the one ormore performance metrics comprise at least one of processor utilization,memory utilization, network utilization, or storage utilization.